Академический Документы
Профессиональный Документы
Культура Документы
Accountability : The property that ensures that the actions of an entity can
be traced solely to this entity. It guarantees that all operations carried out
by individuals, systems or processes can be identified and the trace to the
author and the operation is kept
3.
Using the NSTISSC Security model, explain the fundamental approach of
information security.
It is now called the National Training Standard for Information security
professionals. The NSTISSC Security Model provides a more detailed perspective
on security. While the NSTISSC model covers the three dimensions of information
security, it omits discussion of detailed guidelines and policies that direct the
implementation of controls. Another weakness of using this model with too
limited an approach is to view it from a single perspective. The 3 dimensions of
each axis become a 3x3x3 cube with 27 cells representing areas that must be
addressed to secure todays Information systems. To ensure system security,
each of the 27 cells must be properly addressed by each of the three
communities of interest during the security process. For example, the
intersection between technology, Integrity and storage areas requires a control
or safeguard that addresses the need to use technology to protect the integrity
of information while in storage. The control might consist of a host intrusion
detection system (HIDS) which alerts the security administrators when a critical
file is modified.